class UsersController < ApplicationController
  
  
  # Protect these actions behind an admin login
  before_filter :admin_required, :only => [:suspend, :unsuspend, :destroy, :purge]
  
  before_filter :logged_in?, :only => [:edit, :update]
  

  # render new.rhtml
  def new
    @page_title = I18n.t('user.new_title')
    @user = User.new
    @user.build_location
    @photo = Photo.new   
  end
 
  def create
    @page_title = I18n.t('user.new_title')
    logout_keeping_session!    
      @user = User.new(params[:user])    
      @user.register! if (success = @user && @user.valid?)    
      if success && @user.errors.empty?
      else 
        @photo = Photo.new
         render :action => 'new'
      end

    
  end

  def edit    
    @page_title = I18n.t('user.edit_title')
    @user = current_user
    @photo = Photo.new    
  end

  def update
    @page_title = I18n.t('user.edit_title')    
    @user = current_user
    @user.attributes = params[:user]    
    @user.save if (success = @user && @user.valid?)    
    if success && @user.errors.empty?
      redirect_to "/" + @user.alias
    else 
      @photo = Photo.new
      render :action => 'edit'
    end
  end

  def activate
    logout_keeping_session!
    user = User.find_by_activation_code(params[:activation_code]) unless params[:activation_code].blank?
    case
    when (!params[:activation_code].blank?) && user && !user.active?
      user.activate!
      flash[:notice] = "Signup complete! Please sign in to continue."
      redirect_to '/login'
    when params[:activation_code].blank?
      flash[:error] = "The activation code was missing.  Please follow the URL from your email."
      redirect_back_or_default('/')
    else 
      flash[:error]  = "We couldn't find a user with that activation code -- check your email? Or maybe you've already activated -- try signing in."
      redirect_back_or_default('/')
    end
  end

  def suspend
    @user.suspend! 
    redirect_to users_path
  end

  def unsuspend
    @user.unsuspend! 
    redirect_to users_path
  end

  def destroy
    @user.delete!
    redirect_to users_path
  end

  def purge
    @user.destroy
    redirect_to users_path
  end
  
  def change_password
    return unless request.post?
    if User.authenticate(current_user.login, params[:old_password])
      if ((params[:password] == params[:password_confirmation]) && 
                            !params[:password_confirmation].blank?)
        current_user.password_confirmation = params[:password_confirmation]
        current_user.password = params[:password]

        if current_user.save
          flash[:notice] = "Password successfully updated" 
          redirect_to profile_url(current_user.login)
        else
          flash[:alert] = "Password not changed" 
        end

      else
        flash[:alert] = "New Password mismatch" 
        @old_password = params[:old_password]
      end
    else
      flash[:alert] = "Old password incorrect" 
    end
  end

  #gain email address
  def forgot_password
    return unless request.post?
    if (@user = User.find_by_email(params[:user][:email]))
      @user.forgot_password
      @user.save
      redirect_back_or_default('/')
      flash[:notice] = "A password reset link has been sent to your email address" 
    else
      flash[:alert] = "Could not find a user with that email address" 
    end
  end

  #reset password
  def reset_password
    @user = User.find_by_password_reset_code(params[:id])
    return if @user unless params[:user]

    if ((params[:user][:password] && params[:user][:password_confirmation]) && 
                            !params[:user][:password_confirmation].blank?)
      self.current_user = @user #for the next two lines to work
      current_user.password_confirmation = params[:user][:password_confirmation]
      current_user.password = params[:user][:password]
      @user.reset_password
      flash[:notice] = current_user.save ? "Password reset success." : "Password reset failed." 
      redirect_back_or_default('/')
    else
      flash[:alert] = "Password mismatch" 
    end  
  end
  
 

  def get_contacts
    require 'contacts'
    a = ""
    begin
      params[:form] = "gmail"
      params[:login] = ""
      params[:password] = ""
      #@sites = { 'gmail'  => Contacts::Gmail, 'yahoo' => :Contacts::Yahoo, 'hotmail' => Contacts::Hotmail }
      @contacts = Contacts.new(:gmail, params[:login], params[:password]).contacts
      @users , @no_users = [], []
      @contacts.each do |contact|
        #if u = User.find(:first , :conditions => @users.email = ‘#{contact[1]}’ , :include =>[:user])
        unless u = User.find(:first , :conditions => ["email = ?", contact[1]] )
          @no_users << {:name => contact[0] , :email => contact[1]}
          a+= contact[0].to_s + " " + contact[1].to_s + "<br />"
        end
      end
    end
    render :text => a
  end
  
  def link_user_accounts
    if self.current_user.nil?
      #register with fb            
      User.create_from_fb_connect(facebook_session.user)
    else
      #connect accounts
      self.current_user.link_fb_connect(facebook_session.user.id) unless self.current_user.fb_user_id == facebook_session.user.id
    end
    redirect_to '/'
  end

protected
  
  def find_user
    @user = User.find(params[:id])
  end
end
